IT Security Newsletter - 5/28/2021
SolarWinds hackers are back with a new mass campaign, Microsoft says
The Kremlin-backed hackers who targeted SolarWinds customers in a supply chain attack have been caught conducting a malicious email campaign that delivered malware-laced links to 150 government agencies, research institutions and other organizations in the US and 23 other countries, Microsoft said. The hackers, belonging to Russia's Foreign Intelligence Service, first managed to compromise an account belonging to USAID, a US government agency that administers civilian foreign aid and development assistance. READ MORE...
Pulse Secure VPN hacking also hit transportation, telecom firms, FireEye says
A sprawling Chinese espionage operation against U.S. and European government organizations extends to more commercial sectors than previously known and involves four new hacking tools, security firm FireEye said Thursday. All told, two China-linked groups - and other hackers that investigators did not name - are exploiting virtual private network software in breaches that have touched the transportation and telecommunication sectors, according to FireEye. READ MORE...
NASA Identified Over 6,000 Cyber Incidents in Past 4 Years
The U.S. National Aeronautics and Space Administration (NASA) identified more than 6,000 cyber-related incidents in the last four years, according to a report published this month by NASA's Office of Inspector General. NASA has institutional systems, which are used for the day-to-day work of employees. It also has mission systems, which support its aeronautics, space exploration and science programs. READ MORE...
Targeted AnyDesk Ads on Google Served Up Weaponized App
A fake version of the popular remote desktop application AnyDesk, pushed via ads appearing in Google search results, served up a trojanized version of the program. The campaign even bested AnyDesk's own ad campaign on Google - ranking higher in its paid results. The campaign, active since April 22, is notable because the criminals behind the malicious ad managed to avoid Google's anti-malvertising screening. READ MORE...
Cozy Bear revisits one of its greatest hits, researchers say: election skulduggery
It looks like the Russian government-linked hacking group Cozy Bear is back in the election trickery business. The security firm Volexity publicized a spearphishing campaign on Thursday that it identified only days ago, a scheme that uses an election fraud document as a lure. The emails purport to be from the United States Agency for International Development, with targets including government agencies, research institutions and nongovernmental organizations in the U.S. and Europe. READ MORE...
Covert channel in Apple's M1 is mostly harmless, but it sure is interesting
Apple's new M1 CPU has a flaw that creates a covert channel that two or more malicious apps - already installed - can use to transmit information to each other, a developer has found. The surreptitious communication can occur without using computer memory, sockets, files, or any other operating system feature, developer Hector Martin said. The channel can bridge processes running as different users and under different privilege levels. READ MORE...
FBI Shares IOCs for APT Attacks Exploiting Fortinet Vulnerabilities
The FBI on Thursday published indicators of compromise (IOCs) associated with the continuous exploitation of Fortinet FortiOS vulnerabilities in attacks targeting commercial, government, and technology services networks. In early April, the FBI along with the Cybersecurity and Infrastructure Security Agency (CISA) warned that threat actors had been targeting serious security holes in Fortinet's flagship operating system FortiOS for initial access into victims' networks. READ MORE...
Bluetooth bugs could allow attackers to impersonate devices
Cybercriminals could exploit several vulnerabilities in Bluetooth to carry out impersonation attacks and masquerade as a legitimate device during the pairing process, according to the Bluetooth Special Interest Group (SIG). The security flaws, which affect the Bluetooth Core and Mesh Profile specifications, were discovered by researchers at France's national cybersecurity agency ANSSI. READ MORE...
- ...in 1588, a massive Spanish fleet, known as the "Invincible Armada", sets sail from Lisbon on a mission to secure control of the English Channel.
- ...in 1892, naturalist John Muir organizes the Sierra Club.
- ...in 1910, blues guitarist Aaron Thibeaux Walker, AKA "T-Bone" Walker, is born in Linden, TX.
- ...in 1987, West German teenager Matthias Rust takes off from Helsinki in a small aircraft, makes an unauthorized 400-mile flight through Soviet airspace, and lands in Red Square.